Hybrid-Cloud Infrastructure

1. Network Connectivity

• 📚 AWS Transit Gateway
• 🛠️ Network Orchestration for AWS Transit Gateway
• 📚 AWS Cloud WAN
• https://github.com/VectorMetering/terraform-aws-metering/tree/main/modules:
• terraform-aws-transit-gateway:
• terraform-gwlbe-plus-vpc:
• terraform-gwlbe-tgw-vpc: integrate this VPC module with terraform-aws-transit-gateway module which handles the creation of TGW resources and VPC attachments.

2. Network Security

• 🛠️ Network Security

3. Workload Isolation

• 🛠️ Landing Zone Accelerator on AWS
• 📚 Guidance for Workload Isolation on AWS

4. Template Management

• 🛠️ 4.1. Account Assessment for AWS Organizations
• 🛠️ 4.2. Landing Zone Accelerator on AWS

---

Workshops

• Multi-Account Security Governance Workshop: https://catalog.us-east-1.prod.workshops.aws/workshops/d3f60827-89f2-46a8-9be7-6e7185bd7665/en-US

• https://github.com/aws-samples/orgs-prescriptive-guidance || https://aws.amazon.com/blogs/mt/deploy-a-multi-account-environment-in-under-30-minutes-using-aws-cloudformation-stacksets/

• https://aws.amazon.com/blogs/mt/category/security-identity-compliance/aws-organizations/

• https://github.com/aws-samples/case-insights-for-multi-accounts --> CIMA (Consolidated Insights from Multiple Accounts) presents an efficient mechanism for data collection, visualization, and notifications.

• https://workshop-aws-account-setup.fstehle.com/master-account/aws-organization/

Source Code

• https://github.com/superwerker/superwerker --> automated best practices for AWS
• https://github.com/aws-samples/aws-organizations-tool --> Getting started with AWS Organizations Tool
• https://github.com/aws-samples/network-access-analyzer-multi-account-analysis --> Network Access Analyzer Multi-Account Analysis
• https://github.com/aws-samples/aws-network-hub-for-terraform --> a scalable, segregated, secured AWS network for multi-account organizations.
• https://github.com/aws-samples/centralized-backup-with-aws-backup-and-terraform --> Use Terraform to automate the deployment of your AWS Backup resources across accounts in your organization.
• https://github.com/aws-samples/aws-health-aware --> incident management & communication framework to provide real-time alert customers when there are active AWS event(s).
• https://github.com/aws-samples/aws-organizations-tag-inventory --> aws-organizations-tag-inventory
• https://github.com/aws-samples/resource-explorer-with-organizations --> Cross-account Resource monitoring with AWS Organizations and Resource Explorer
• https://github.com/aws-samples/backup-recovery-with-aws-backup --> Implement backup and recovery with AWS Backup across your AWS Organizations using a CI/CD pipeline (AWS CodePipeline).
• https://github.com/aws-samples/automated-role-entitlements-in-aws-iam-identity-center --> Automated Role Entitlements in AWS IAM Identity Center
• https://github.com/aws-samples/traffic-segmentation-multi-aws-region-transit-gateway-cloud-wan --> Achieving traffic segmentation in multi-AWS Region environments using AWS Transit Gateway and AWS Cloud WAN
• https://github.com/aws-samples/aws-transit-gateway-vpc-terraform --> https://github.com/aws-samples/aws-transit-gateway-vpc-terraform
• https://github.com/aws-samples/contacts-manager --> Programmatically manage AWS contacts at the AWS Organizations level
• https://github.com/aws-samples/aws-organizations-alternate-contact-manager --> AWS Organizations Alternate Contact Manager
• https://github.com/aws-samples/aws-organizations-alternate-contacts-management-via-csv --> AWS Organizations Alternate Contacts management via CSV
• https://github.com/aws-samples/transit-gateway-accelerated-s2s-vpn --> Transit Gateway with Accelerated Site-to-Site VPN
• https://github.com/aws-samples/aws-transit-gateway-connect-attachment-integration-with-amazon-linux-and-frrouting --> Transit Gateway Connect Attachment integration with Amazon Linux using FRRouting and BGP over GRE
• https://github.com/aws-samples/aws-network-firewall-deployment-with-transit-gateway --> AWS Network Firewall deployment with Transit Gateway

Security

• https://github.com/aws-samples/multi-account-security-assessment-via-prowler --> Create a consolidated report of Prowler security findings from multiple AWS accounts
• https://github.com/aws-samples/centralized-iam-key-management-aws-organizations-terraform --> IAM Access-Keys Rotation
• https://github.com/aws-samples/manage-identity-source-transition-for-aws-iam-identity-center --> Manage identity source transition for AWS IAM Identity Center
• https://github.com/aws-samples/automating-iam-credential-reports-for-large-aws-organizations --> Blog Post - Automating IAM credential reports for large AWS Organizations

Cost:

• https://github.com/aws-samples/cost-categories-for-organizations-automation --> AWS Cost Categories for Organizations Automation
• https://github.com/aws-samples/networking-costs-calculator --> the Networking Costs Calculator Project